Lucene search

Drupal Security TeamDRUPAL-SA-CONTRIB-2014-006

HistoryJan 22, 2014 - 12:00 a.m.

SA-CONTRIB-2014-006 - Language Switcher Dropdown - Open Redirect

2014-01-2200:00:00

Drupal Security Team

www.drupal.org

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.967 High

EPSS

Percentile

99.7%

JSON

The Language Switcher Dropdown module enables you to place a block with a convenient drop-down language switcher. After choosing a value the user is redirected to the url of the relevant language.

The module doesn’t check that the url provided is a valid internal path prior to redirecting.

CVE identifier(s) issued

CVE-2014-9737

Versions affected

Language Switcher Dropdown 7.x-1.x versions prior to 7.x-1.4.

Drupal core is not affected. If you do not use the contributed Language Switcher Dropdown module, there is nothing you need to do.

Solution

Install the latest version:

If you use the Language switcher dropdown module for Drupal 7.x, upgrade to Language Switcher Dropdown 7.x-1.4

Also see the Language Switcher Dropdown project page.

Reported by

Eric Peterson

Fixed by

Mohammed J. Razem the module maintainer

Coordinated by

Lee Rowlands of the Drupal Security Team

References

drupal.org/contact

drupal.org/project/lang_dropdown

drupal.org/security-team

drupal.org/security-team/risk-levels

drupal.org/security/secure-configuration

drupal.org/user/1467594

drupal.org/user/395439

drupal.org/writing-secure-code

drupal.org/user/255384

twitter.com/drupalsecurity

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.967 High

EPSS

Percentile

99.7%

JSON

Related for DRUPAL-SA-CONTRIB-2014-006